LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Linux Newbie seeking advice on proper security for 7.3 web server... (https://www.linuxquestions.org/questions/linux-security-4/linux-newbie-seeking-advice-on-proper-security-for-7-3-web-server-51410/)

marvc 03-24-2003 12:03 AM
Linux Newbie seeking advice on proper security for 7.3 web server...
 
OK...I've finally got my new RH 7.3 server installed and RIADed like I think I want. As I'm in the progress of making this my first self-hosted web server I'd like to know how best to configure security o this box? This server will serve as a web server, ftp server, mail server, gallery, and prolly an MP3 server. I plan on installing PostNuke and managing everything from there. This server sits on a DSL/w2k network but will not be accessed by any w2k boxes. I have a seperate laptop running RH 8.0 that I plan on using for file sharing and firewall access to this box and the network.
I'm rambling, but please follow me. I'm trying to be thorough. :D

So with that said what is the best method of linux security that I should implement on this box? Anyone have any steps or processes they follow for properly securing their hosted servers? Anyone care to recommend any good tools I should download and install before I start configuring apache? I've viewed the threads listed on the 3 pages in this forum, security, but I wanna ask this question anyway as I'm hopigng it'll spawn some new questions or thought processes.
Please bear in mind that I am new to linux, especially security, so any responses are greatly appreciated.

bbenz3 03-24-2003 12:15 AM
I am not totally sure exactly how you have this box networked.
Is it directly connecteed to the internet?
If so are you planning on using this machine to be your firewall/router for other machines (ie your laptop).

As for security I would suggest learning something about iptables and if you do a search on here you should find numerous firewall/router iptable scripts. I pulled a basic one from here and then formulated my own from that one. I have a similar setup however I have an old machine that is my dedicated router and then everything else sits on machines behind that. Therefore it makes life a little easier by allowing me to just forward packets through my router instead of having to accept them. However it isn't that hard to do what I believe you are doing too. Hope this helps some.

unSpawn 03-24-2003 03:14 AM
Anyone care to recommend any good tools I should download and install before I start configuring apache?
We had a thread started by Markus1982 aprox a month ago about server security practices and tools. If you haven't read it, plz do so first. Then load up the LQ Security references, especially post #1, the CERT and SANS stuff.

I've viewed the threads listed on the 3 pages in this forum, security, but I wanna ask this question anyway as I'm hopigng it'll spawn some new questions or thought processes.
If you follow the stuff above, you'll be able to ask for more specific stuff based on what you've read about there, what you know already and what you need. In the end that allows us to be more helpfull as well.

bbenz3: As for security I would suggest learning something about iptables and if you do a search on here you should find numerous firewall/router iptable scripts.
I can understand where this is coming from, but it's a general misconception that a firewall == security.
Security starts at the base, that's the O.S. itself, is an ongoing process, and is usually outlined by defining what a box is going to be used for (and the company's security policy, if any). When you chalk up the requirements, you'll have the outline for SW specs, user and network access needs.

Fastforwarding it you need to establish a log to record all admin changes, install (only!) essential stuff, backup your configs, record your HW/SW data, introduce a file system integrity checker, backup and upgrade plan, remote access (and remote logging if necessary) and then secure the base system to "seal it off".

When user, application and network restrictions are in place, audit your system using any of CIS scanner, env_audit, COPS, Tiger etc, etc all based on minimally the SANS Top 20 common vulnerabilities and the AUSCERT UNIX checklist. Then you're able to configure public network services based on the framework you made, and tweak the framework where necessary.

HTH somehow.

marvc 03-24-2003 02:42 PM
This web server sits at my home location on a w2k network that sits behind my linksys dsl router, which is acting as my router/firewall. My main intent is to ensure that this server is as secure as I can get it since it's the only Linux server/web server on my network. I don't know if installing a firewall on this box is necessary or required being that I'm using port forwarding on my dsl router, so I don't know how the additional firewall will react. This web server will be exposed or open to the Internet, but aside from outside users accessing the website that I plan on hosting and me accessing the server from a linux 8.0 laptop from time to time, there will be no other users are options open for internal access.
Let me also restate that I am new to linux and linux security, so I'm not that familiar with some of the tools that are being mentioned. If it's necessary that I install a firewall onto this box can someone provide a tool that's doesn't require a lot of customizing? I don't want to build a firewall from scratch. I simply want to get this initial process over of leaning linux, securing a web server, and going from there.
I'm going thru the LQ Security preferences. Haven't located that post by markus1982, but I'm looking for it.
thanks again...


All times are GMT -5. The time now is 05:59 PM.